diff --git a/cacti-httpd.conf b/cacti-httpd.conf
index 4d4c26b..e888f31 100644
--- a/cacti-httpd.conf
+++ b/cacti-httpd.conf
@@ -11,14 +11,15 @@ Alias /cacti    /usr/share/cacti
 	Order Deny,Allow
 	Deny from all
 	Allow from 127.0.0.1
-	
-	# mod_security overrides
-	<IfModule security2_module>
-		# allow POST of application/x-www-form-urlencoded during install
-		SecRuleRemoveById 960010
-		# permit the specification of the rrdtool paths during install
-		SecRuleRemoveById 900011
-	</IfModule>
+</Directory>
+
+<Directory /usr/share/cacti/install>
+	# mod_security overrides.
+	# Uncomment these if you use mod_security.
+	# allow POST of application/x-www-form-urlencoded during install
+	#SecRuleRemoveById 960010
+	# permit the specification of the rrdtool paths during install
+	#SecRuleRemoveById 900011
 </Directory>
 
 
diff --git a/cacti.README.Fedora b/cacti.README.Fedora
index acb284b..2506536 100644
--- a/cacti.README.Fedora
+++ b/cacti.README.Fedora
@@ -8,6 +8,9 @@ For more information about setting up the database please read:
 
 docs/INSTALL
 
+Cacti's install procedure is not fully compatible with mod_security. If you use
+mod_security, please uncomment the SecRuleRemoveById lines in
+/etc/http/conf.d/cacti.conf.
 
 As of Feb. 6, 2006 Cacti does not work correctly with SELinux.  This will
 change in the future.  If you're having issues getting Cacti to work properly